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METHOD OF CLUSTER MANAGEMENT OF NETWORK DEVICES AND APPARATUS 

THERE OF 

Field of the Invention 

The present invention relates to a network device 
management method, particularly to a method of managing 
Transfer Control Protocol/Internet Protocol network devices 
and an apparatus thereof in a cluster manner. 

Background of the Invention 

As network scale and scope enlarge quickly, people 1 s 
activities rely on network services more and more, and the 
network load becomes heavier and heavier; whether from the 
viewpoint of network subscribers or from the viewpoint of 
network administrators, it is increasingly urgent to manage 
networks effectively . 

In today's network environments, there are mainly 3 
approaches for management of network devices, which are 
described as follows respectively. 

The first approach is to connect a network management 
device directly to network devices to be managed via serial 
ports, to implement configuration management of the network 
devices . The ma j or advantage of the approach lies in its simple 
management means, without needing other additional devices; 
furthermore, since the network devices to be managed are 
connected directly via serial ports, it is unnecessary to 
allocate management IP addresses to them when they are 
configured, and thereby save IP resource. However, since the 
network devices ma'y be distributed in a large area, in 
particular, in a telecom network, there are a large number 
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of data devices distributed across the network, such a 
management approach will inevitably bring difficulties to 
maintenance work and cause heavy workload. 

The second approach is to manage TCP/IP network devices 
5 remotely on the basis of the Single Network Management 
Protocol (SNMP) or the terminal emulation protocol TELNET. 
Compared with the first approach, since the network management 
procedure is implemented on a standard IP protocol stack, it 
is simple to implement and light in workload; in addition, 

10 it has little correlation with other devices, so that the 
administrator can implement remote management of network 
devices to be managed through a network management terminal 
or TELNET emulation terminal ; however, the major disadvantage 
is: each network device to be managed has to be allocated with 

15 a public network IP address, which will result in waste of 
IP address resource; especially, in a telecom network with 
a large number of devices, that disadvantage is more severe. 

The last approach is put forth on the basis of the second 
approach; its core idea is to take the serial numbers of network 

20 devices allocated by the device manufacturer as device 
addresses to implement management of network devices; 
therefore, such an approach can save IP address resource; 
however, it is applicable to devices from a specific 
manufacturer and the network management program runs on a 

25 private protocol stack and thereby the management protocol 
nearly has no openness and is unable to implement unified 
management of network devices from different manufacturers. 

Summary of the Invention 

30 An object of the present invention is to provide a method 



of cluster management of network devices, which can implement 
concentrate management of a large number of TCP/IP network 
devices with a small amount of IP address resource, and thereby 
reduces maintenance workload and simplifies network 
management . 

Another object of the present invention is to provide an 
apparatus of cluster management of network devices. 

To attain above objects, in the method of cluster 
management of network devices of the present invention, a 
plurality of network devices compose a cluster, wherein at 
least one network device is set as the cluster management 
device and configured with a public IP address; other network 
devices are configured and updated with private IP addresses 
and routes by said cluster management device; said network 
management device manages the network devices in the cluster 
according to the following steps of: 

(A) establishing IP data channels via said cluster 
management device between the network devices in the cluster 
and said network management device by said cluster management 
device; and 

(B) managing the network devices in the cluster through 
said IP data channels by said network management device. 

Preferably, in above managing method of network devices, 
said cluster management device configures and updates other 
network devices with private IP addresses and routes according 
to information of topological architecture of the network and 
device information of the network devices in the cluster. More 
preferably, said cluster management device configures the 
other network devices with private IP addresses dynamically. 

Preferably, in above managing method of network devices, 



said cluster comprises a plurality of said cluster management 
devices, and one of the cluster management devices is 
responsible for managing the configuration and update of 
private IP addresses and routes of the network devices in the 
cluster as well as the communication between said network 
management device and the network devices in the cluster; in 
case said cluster management device fails, one of the other 
cluster management devices is designated to be responsible 
for managing the configuration and update of private IP 
addresses and routes of the network devices in the cluster 
as well as the communication between said network management 
device and the network devices in the cluster, according to 
a predetermined policy. 

In the present invention, the plurality of network devices 
compose a cluster through the following steps: 

(1) designating a device in the network as the cluster 
management device and configuring the device correspondingly 
by the network management device; 

(2) initiating a topology acquisition process to acquire 
information of topological architecture of the network within 
a specified number of hops in the network by the cluster 
management device ; 

(3) designating candidate devices to be added to the 
cluster in the topological architecture according to the 
information of topological architecture acquired from the 
cluster management device, and informing the cluster 
management device to start the cluster member device addition 
process by the network management device; 

(4) adding the designated candidate devices to the 
cluster and configures the candidate devices correspondingly 
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by the cluster management device, so as to make the candidate 
devices become member devices of the cluster; 

(5) after the cluster is established, managing the member 
devices in the cluster by the cluster management device, and 
5 forwarding management messages which are from outside of the 
cluster and destined to the member devices through standard 
Network Address Translation (NAT) process to corresponding 
member devices to process, and processing the management 
messages according to normal processing process by the member 
10 devices. 

Said configuring the cluster management device 
correspondingly as described in step (1) includes configuring 
the following items on the device: cluster name, enable state 
of cluster, management IP address pool of cluster, state 

15 retention time of cluster, handshaking time interval of member 
devices, role of the management device in the cluster, and 
IP address of the management device. 

The process of adding candidate network devices to the 
cluster in step (4) comprises: 

20 (Al) sending cluster addition requests to candidate 

network devices that can be added to the cluster by the cluster 
management device ; 

(A2) determining whether it can be added to the cluster 
or not according to its own condition by the candidate device; 

25 if the candidate device can not be added to the cluster, feeding 
back a reject response and terminating the cluster addition 
process; otherwise feeding back an accept response to the 
cluster management device; 

(A3) after receiving the response from the candidate 

30 device and if the candidate device agrees to be added to the 



cluster, sending a configuration message containing private 
IP address, member number, handshaking interval, state 
retention time, etc. to said candidate device by the cluster 
management device; after receiving the message, configuring 
5 the candidate device correspondingly, and sending a complete 
response to the cluster management device after the 
configuration . 

In step (A2), determining whether the candidate device 
itself can be added to the cluster is implemented through 

10 determining whether the candidate device has already been in 
another cluster and whether software version in the device 
supports cluster management. 

In step (A2), before feeding back the accept response to 
be added to the cluster to the cluster management device, the 

15 candidate device will determine whether a super user password 
is set on itself; if a super user password has not been set, 
the candidate device feeds back the accept response message 
to be added to the cluster directly; if a super user password 
has been set, the candidate device feeds back an 

20 authentication request to the cluster management; then, the 
candidate device authenticates itself according to the 
authentication information sent from the management device; 
if the authentication is successful, the candidate device 
feeds back the accept response to be added to the cluster; 

25 otherwise feeds back a reject response to be added to the 
cluster to the cluster management device. 

The necessary configuration for each member device added 
to the cluster in step (4) includes configuring each member 
device with the following items : member device number, private 

30 IP address of member device, name of member device, state of 



member device, operating state of member device, and cluster 
management password . 

The identification of each member device added to the 
cluster in step (4) is performed with a data structure 
comprising the following fields: 

network type: designed to identify the type of network 
where the device is; 

physical address: designed to identify the physical 
address of the device in the network. 

In above network device management method, in step (1), 
said cluster management device establishes IP data channels 
via said cluster management device between said network 
management device and the network devices in the cluster with 
stream transform technology or address translation 
technology. 

The cluster management apparatus for network devices 
according to the present invention comprises: a cluster device 
manager and a member device manager; wherein: 
said cluster device manager comprises: 

a translation module, designed to perform network address 
translation for management messages of member devices; 

a DHCP-like module, designed to accomplish allocation 
of private IP addresses to member network devices; 

a cluster member management module, designed to manage 
member network devices in a concentrate manner, and to forward 
management messages, which are from outside of the cluster 
and destined to member devices, through the standard network 
address translation module to respective member devices to 
process, so that the member devices can process the management 
messages according to normal processing process; 
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a topological information processing module, designed 
to detect the topological architecture of network and to 
acquire the information of topological architecture of 
network within a specified number of hops in the network; 
5 said member device manager comprises: 

a cluster member management module, designed to 
accomplish cluster management at the member device end; 

a topological information processing module, designed 
to accomplish detection of adjacent " devices and 

10 response/forwarding of topology acquisition requests. 

It can be seen from above description that the present 
invention can be implemented on the existing IP protocol stack 
through configuring each member device added to the cluster 
(including allocating private IP addresses and identifying) ; 

15 therefore, it is simple to implement and has good openness, 
facilitating management of network devices from different 
manufacturers; through the use of private IP addresses in 
management of the network devices, it saves valuable public 
IP address resource; in addition, since the present invention 

20 uses standard NAT to forward device management messages, it 
is easy to be implemented in hardware, and thereby enhances 
universality of the present invention and reduces the load 
on CPUs of the management devices, and implements concentrate 
management of a large number of network devices; therefore, 

25 with the present invention, effective cluster management of 
network devices can be implemented. 



Brief Description of the Drawings 

Fig.l is a schematic diagram of the cluster management 
30 system with the method of the present invention; 



Fig. 2 is a flow diagram of the method with which a plurality 
of network devices compose a cluster according to the present 
invention; 

Fig. 3 is a flow diagram of adding a candidate network 
device to the cluster, which is used in the method shown in 
Fig. 2; 

Fig. 4 is a structural block diagram of an embodiment of 
the apparatus according to the present invention. 

Detailed Description of the Embodiments 

The core idea of the present invention is: a plurality 
of network devices compose a cluster; wherein the network 
device designated as the cluster management device is 
allocated with a public IP address, other network devices use 
a private IP address segment configured and updated by the 
cluster management device; the cluster management device is 
the only external management interface of the entire cluster; 
in other words, whenever the network management device tries 
to access or manage any network device in the cluster, an IP 
data channel via the cluster management device has to be 
established. In this way, the network devices in the cluster 
are managed in a concentrate manner. Above public IP address 
may be configured by the network management device outside 
of the cluster or configured on the cluster management device 
by the subscriber. 

Fig.l is a schematic diagram of the cluster management 
system with the method of the present invention. As shown in 
Fig. 1, the IP address of the network management device station 
(i.e., network management device) is 69.110.1.100; the 
network administrator designates a network device in the 



cluster as the command switch (usually a Lay-3 switch or a 
network device with higher performance) and allocates a public 
IP address 69.110.1.1 to it (e.g., configure via the command 
line interface of the network management device or that of 
the command switch) ; there is also a backup switch (usually 
a Lay-3 switch or a network device with higher performance) 
in the cluster and member switches 1-3 (usually a Lay-2 switch 
or low-end network device with similar function) . In the 
cluster shown in Fig.l, the command switch is equivalent to 
the cluster management device, and is responsible for 
establishment, concentrate management , and maintenance of the 
entire cluster network, including addition/deletion of member 
devices, maintenance of states of member devices, and 
information acquisition of topological architecture of the 
cluster network, e.g., allocating private IP addresses and 
routes to the member switches. To enhance reliability of 
network management and avoid the effect of single point 
failure to cluster management function, a backup switch or 
backup cluster management device shall also be configured, 
so that the backup switch can take over the task of the command 
switch to continue to manage the entire cluster network in 
a concentrate manner in case the command switch fails. After 
member devices are added to the cluster, the user can manage 
them remotely through the command switch, including 
configuration and inquiry operations. In addition, a switch 
with cluster management function may also determine whether 
to add in the cluster by its configuration, for instance, the 
candidate switch with cluster management function as shown 
in Fig . 1 . 

To save public IP address resource as far as possible, 
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for a cluster, only the command switch in the cluster is 
allocated with a public IP address, and other network devices 
with cluster management function are not allocated with public 
IP addresses; in case the command switch fails, the public 
5 IP address of the command switch is allocated to the 
substituting backup switch, or a new public IP address may 
be allocated to the backup switch which substitutes the 
command switch. After such a switching, the specific cluster 
configuration update will be started and accomplished by the 

10 new command switch. 

During concentrate management of the network devices with 
the standard protocol stack and private IP address segment 
according to the present invention, the plurality of network 
devices compose a cluster through the following steps, as 

15 shown in Fig. 2, which shows the detailed embodiment. Firstly, 
in step 1, a device (usually a Lay-3 switch or a network device 
with higher performance) in the network is designated as the 
cluster management device by the network management device 
or by the user through command line, and then the device is 

20 configured correspondingly; in the embodiment, the items 
configured include : 

cluster name: the name that identifies the managed 
cluster; 

cluster enable state: designed to identify whether the 
25 managed cluster is in enabled state; 

cluster management IP address pool : the private IP address 
segment configured for member devices; 

cluster retention time: designed to indicate the duration 
after which the member is deemed as disconnected from the 
30 management device if no handshaking message from the member 
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device is received; 

handshaking time interval: designed to configure the time 
interval at which handshaking messages are sent between the 
member device and the management device; 
5 role of the management device in the cluster: designed 

to identify whether the device is a management device or a 
member device; 

management IP address of the management device: the IP 
address designed to identify the management device for 

10 communication in the cluster; 

In step 2, the scope of management cluster is determined 
first; to this end, it is required that the network management 
device determines the number of hops for acquisition of 
network topology, and then, the cluster management device 

15 initiates a topology acquisition process to acquire 
information of topological architecture of the network within 
a specified number of hops in the network, in order to acquire 
information of managed devices to be added into the management 
cluster, the information including MAC address and 

20 interconnection port number of each managed device; 

In step 3, the network management device/command line user 
decides whether to establish a device management cluster 
according to the topological information acquired by the 
cluster management device and other relevant information; for 

25 instance, in case there are a few devices, the scope of the 
management cluster shall be reselected, instead of 
establishing the management cluster immediately. If a 
management cluster can be established, the network management 
device/command line user notifies the cluster management 

30 dev ice to start the member device addition process. 



In step 4, the cluster management device determines the 
candidate devices that can be added into the cluster and adds 
the determined candidate devices to the cluster so that the 
devices become member devices of the cluster; at the same time, 
the cluster management device configures each member device 
added to the cluster, including allocating private IP address 
and member number. (In a practical communication network, a 
device need not be connected to Internet or another dedicated 
network in some instances; in this case, it is unnecessary 
to follow the regulations for IP address application and 
registration, and that device may use any address, e.g., a 
private IP address. RFC 1597 (Address Allocation for Private 
Internets) defines the following IP address segments for use 
as private addresses: 

Class A addresses: 10.0.0.0 to 10.255.255.255 
Class B addresses: 172.16.0.0 to 172.31.255.255.255 
Class C addresses: 192.168.0.0 to 192.168.255.255 
Therefore, above private IP addresses may be used in 
management of devices in the cluster. 

The configuration (including allocating private IP 
address and member number) to each member device added to the 
cluster including configuring the following items: 

cluster name: designed to identify the name of the cluster 
where the current switch is; 

cluster password: which is a uniform cluster management 
password, designed to authenticate management processes in 
the cluster; 

member device number: designed to identify the device 
uniquely in the cluster. It is an internal number for indexing 
in the implementation; 
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private IP address of member device: which is the network 
address of the member device for communication in the IP 
network; 

IP address of the management device : designed for IP-based 
5 communication between the member devices and the management 
device in the cluster; 

name of member device: designed to identify the name of 
the device. 

In the embodiment, the identification of each member 
10 device that is added to the cluster is performed with the data 
structure comprising the following fields: 







Physical 


Address of 


type (2 bytes) 


Reserved (2 bytes) 


Device 


in the 






network 


(6 bytes) 



network type (Type) : designed to identify the type of the 
15 network where the device is; 

physical address: designed to identify the physical 
address of the device in the network and represented with 
characters . 

There are 10 bytes in all in above structure, wherein the 
20 Type field comprises 2 bytes, the Physical Address field 
comprises 6 bytes, the Reserved field comprises 2 bytes for 
other uses. With above structure, it is unnecessary to use 
manufacturer-defined device identification methods. The 
method is favorable to ensure uniqueness of each device; and 
25 device uniqueness is ensured by uniqueness of the physical 
address. Furthermore, such an identification is not limited 



to a certain physical network, for example, if Type = 0, the 
physical address of device in the network is expressed as an 
Ethernet address. The Type may be extended according to the 
physical network where the device is. 

In above step 4, the process through which a candidate 
network device is added to the cluster comprises the following 
steps, referring to Fig. 3: 

in step 11, the cluster management device sends a cluster 
addition request to the candidate network device that can be 
added to the cluster. In step 12, the candidate device 
determines whether it can be added to the cluster according 
to its condition, e.g., whether the candidate device is in 
another cluster, or whether the software version in the device 
support cluster management; if the candidate device can not 
be added to the cluster, it terminates the addition process 
and feeds back a reject response to be added to the cluster 
to the cluster management device; otherwise, in step 13, the 
candidate device determines whether a super user password is 
set; if not, authentication is unnecessary, and the candidate 
device feeds back an accept response directly; if the device 
has set a password, the candidate device authenticates the 
management device in step 14; if the authentication is 
successful, the candidate device feeds back an accept response 
in step 15; otherwise the candidate device feeds back a reject 
message and terminates the cluster addition operation. 

The device authentication operation described above is 
as follows: first, the candidate device returns a message 
containing a challenge for authentication to the management 
network device; after receiving the message, the cluster 
management device utilizes the challenge to encrypt the 



-16- 

authentication information including the candidate network 
device and authentication password (which may be a cluster 
management password sent by the cluster network device) , and 
then encapsulates the authentication information into a 
5 response message, and sends the message to the respective 
candidate device; after the candidate device authenticates 
and confirms the identity of the management network device, 
it returns an accept acknowledge message to the management 
network device. 

10 In step 16, after receiving the accept response from the 

candidate network device, the cluster management device 
allocates a cluster member identifier, a private IP address 
for management, and other configuration information to the 
candidate network device, encapsulates the information and 

15 a password (may be encrypted) into a configuration message, 
and sends the message to the candidate device; after receiving 
the message, the candidate device parses out the configuration 
information including the password, the cluster management 
number, and the management private IP therein, and records 

20 the configuration information sent from the cluster 
management device, then, the candidate network device changes 
its role to a member switch, and then returns a complete message 
to the cluster management device; after receiving the complete 
message from the candidate network device, the cluster 

25 management device identifies the candidate network device as 
a cluster member. Thus, the candidate device addition process 
ends . 

Fig. 4 is a structural block diagram of an embodiment of 
the apparatus according to the present invention. The cluster 
30 management apparatus for network devices shown in the diagram 
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comprises a cluster device manager Al disposed at the command 
switch end and a cluster member device manager A2 at the member 
switch end, wherein: 

the cluster device manager Al is disposed in the cluster 
5 management device and is designed to implement cluster 
management of member devices, comprising: 

a translation module All, designed to perform network 
address translation for management messages of member 
devices ; 

10 a DHCP-like module A12, designed to accomplish allocation 

of private IP addresses to member network devices; 

a cluster member management module A13, designed to manage 
member network devices in a concentrate manner, and to forward 
management messages, which are from outside of the cluster 
15 and destined to member devices, through the standard network 
address translation module to respective member devices to 
process, so that the member devices can process the management 
messages according to normal processing procedures; 

a topological information processing module A14 , designed 
20 to detect the topological architecture of network and to 
acquire the information of topological architecture of 
network within a specified number of hops in the network; 

the member device manager A2 is disposed in the managed 
member device and is designed to implement management at the 
25 member device side in the cluster management, comprising: 
a cluster member management module A21, designed to 
accomplish cluster management at the member device end; 

a topological information processing module A22, designed 
to accomplish detection of adjacent devices and 
30 response/forwarding of topology acquisition requests. 
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When above apparatus is used for cluster management of 
network devices, first, the topological information 
processing module A14 acquires information of topological 
architecture of network within a specified number of hops in 
5 the network through the topological information processing 
module A22 at the candidate device side, and sends the 
information to the cluster member management module A13; the 
cluster member management module A13 sends a cluster addition 
request to the cluster member management module A21 in the 

10 candidate device that can be added to the cluster; the cluster 
member management module A21 determines whether to be added 
to the cluster according to its conditions, and feeds back 
an accept or a reject response to the cluster member management 
module A13; when the cluster member management module A13 

15 receives an accept message from the candidate device, the 
DHCP-like module A12 performs allocation of a private IP 
address of member network device and sends the private IP 
address, together with configuration information including 
member number, handshaking interval, and state retention time 

20 etc, to the cluster member management module A21 in the 
candidate device via the'cluster member management module A13; 
the cluster member management module A21 uses the information 
to configure the device accordingly, and feeds back a complete 
response to the cluster management device after the 

25 configuration operation. After the candidate device becomes 
a member device of the cluster, the management messages, which 
are from outside of the cluster and destined to the member 
device, will be processed in standard network address 
translation at the translation module All and then forwarded 

30 to the cluster member management module A21 of the respective 
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member device via the cluster member management module A13, 
so that the member device can process the management messages 
through usual processing procedures. 

Hereunder a preferred embodiment of implementing cluster 
5 management in the cluster shown in Fig.l is described with 
reference to Fig. 4. As shown in Fig. 4, a translation module 
All, a DHCP-like module A12, a cluster member management 
module A13, and a topological information processing module 
A14 are disposed at the command switch end; a cluster member 

10 management module A21 and a topological information 
processing module A22 are disposed in each member switch. 
Hereunder the function of each module and the cooperative 
working flow among the modules are described. 

The topological information processing module shown in 

15 Fig. 4 is designed to acquire information of topological 
architecture of network and that of network devices; in 
particular, the topological information processing module 
implements network device detection function and obtain 
information of topological architecture of network through 

20 processing the acquired information of devices, e.g., device 
type and software/hardware version. 

After power on, the topological information processing 
modules in the command switch and the member switch send 
topological information processing messages, containing 

25 information of the devices in which the respective modules 
are, to other surrounding immediate adjacent devices 
periodically; at the same time, they also receive topological 
information processing messages containing information of 
device from surrounding adjacent devices and process the 

30 information correspondingly; for instance, if the received 



message is from an unregistered new device overtime, the 
topological information processing module adds a new entry 
in' the information buffer of adjacent devices to store 
information of the new device, and begins timing for the new 
entry; if the module hasn't yet received any new message from 
a registered device within a specified time period overtime, 
it ages the corresponding entry; if the information contained 
in the received message from is different from the information 
previously stored in the registered device, it updates the 
previously stored information, and restarts timing. The 
periodical transmission of information of device (topological 
information processing message) by the topological 
information processing module may be implemented with a timer; 
for instance, when the timer reaches to the set value, the 
module begins to send the information of device (topological 
information processing message) ; after the transmission is 
completed, the timer resets and restarts timing. In addition, 
the transmission of information of device (topological 
information processing message) is independent to standard 
spanning tree protocol (STP) , it may be performed as long as 
there are physical connections between the network devices. 
The topological information processing messages will pass 
through STP-blocked ports, but they are forbidden to be 
forwarded, i.e., the topological information processing 
messages are only valid within 1 hop range. In this way, the 
device always knows the state and topological architecture 
of its adjacent devices. 

When the information of topological architecture of 
network is required or a cluster is to be established, the 
topological information processing module may be triggered 



to acquire information through the following steps: first, 
the acquisition scope is configured at the acquisition 
initiating device (the device may not always be the command 
switch; when necessary, a member device may also be the 
acquisition initiator) , then, the topological information 
processing module of the device sends an acquisition request 
to the surrounding adjacent devices. After the topological 
information processing module of a surrounding adjacent 
device receives the request, it returns a response message 
containing the information of device to the initiating device 
and decreases the number of hops by 1; if the number of hops 
is not equal to 0 after it is decreased by 1, the topological 
information processing module of the adjacent device forwards 
the request to its adjacent network devices; otherwise it 
stops forwarding. To avoid flooding resulted from repeated 
message sending and loop, the topological information 
processing module shall send or forward the request messages 
depending on STP tree. The topological information processing 
module of the acquisition initiating device processes the 
response message containing the information of device to 
obtain the information of topological architecture of network 
within the acquisition scope. To ensure integrity and 
availability of the information of topological architecture 
of network, the topological information processing module 
performs acquisition and processing on the data link layer. 

After obtaining the information of topological 
architecture of network through the topological information 
processing module, the command switch begins to establish a 
cluster. In particular, first, the cluster member management 
module at the command switch end obtains information of 
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relevant candidate switches (i.e., network devices that can 
be added to the cluster but haven't been added to) from the 
topological information processing module, and then 
cooperates with the cluster member management module at the 
5 candidate switch end to add the candidate switches to the 
cluster in auto mode (i.e., add all candidate switches to the 
cluster automatically) or manual mode (i.e., the user 
specifies the candidate switches to be added to the cluster 
from the list of candidate devices) . If the user has known 

10 the information (e.g., MAC Address) of the candidate network 
device, the step of acquiring the information of topological 
architecture performed by the topological information 
processing module may be omitted, and the user may add the 
device to the cluster through manual operation directly. 

15 When a candidate switch is added to the cluster, the member 

management module at the command switch end treats the managed 
device (the candidate member switch) as a special user, and 
allocate a private IP address and configure the candidate 
member device with relevant route dynamically through the 

20 DHCP-like module, so that an IP data channel between the 
command switch and the member switch is established in the 
cluster. After the member device is configured with a private 
IP address, an IP data channel for communication inside the 
cluster and outside the cluster shall also be established. 

25 To this end, the cluster member management module at the 
command switch end also configures the member device with the 
private IP address translation policy through the translation 
module when the member device is added, and establishes an 
IP data channel so that network management device station 

30 outside the cluster can access the member devices inside the 
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cluster, or the member devices can access the network 
management device station. The conversion may be performed 
with stream transform technology or NAT technology. In 
conclusion, through above configuration, an IP data channel 
5 between the network management device and a member switch is 
established via the command switch, and the user can manage 
the plurality of devices in the cluster with a public IP address 
through the remote network management station. 

After a member switch is added to the cluster, the member 

10 switch can start the handshaking process with the command 
switch through respective cluster member management modules, 
so as to maintain the state of cluster. 

Besides above primary function modules, backup modules 
(not shown) can also be used to implement backup function for 

15 the command switch, i.e., through designating a backup switch, 
the management function of the command switch can be handed 
over to the designated backup command switch with the 
specified policy in case the command switch fails, and thereby 
system halt resulted from single point failure at the command 

20 switch can be avoided. 



